cgi-bin/ljtodo.pl

   1 package LJ::Todo;
   2 use strict;
   3
   4 sub get_permissions
   5 {
   6     my ($dbh, $perm, $opts) = @_;
   7     my $sth;
   8     my $u = $opts->{'user'};
   9     my $remote = $opts->{'remote'};
  10     my $it = $opts->{'item'};
  11
  12     return () unless $remote;
  13
  14     if ($u->{'userid'} == $remote->{'userid'}) {
  15         $perm->{'delete'} = 1;
  16         $perm->{'edit'} = 1;
  17         $perm->{'add'} = 1;
  18     } else {
  19         my $quser = $dbh->quote($u->{'user'});
  20
  21         ## check if you're an admin of that journal
  22         my $is_manager = $remote ? $remote->can_manage($u) : undef;
  23         if ($is_manager) {
  24             $perm->{'add'} = 1;
  25             $perm->{'delete'} = 1;
  26             $perm->{'edit'} = 1;
  27         } else {
  28             # TAG:FR:ljtodo:get_friends_in_group
  29             foreach my $priv (qw(add edit delete)) {
  30                 my $group = LJ::get_friend_group($u, { name => "priv-todo-$priv" });
  31                 next unless $group;
  32                 my $mask = 1 << $group->{groupnum};
  33                 my $friends = LJ::get_friends($u, $mask);
  34                 $perm->{$priv} = 1 if $friends->{$remote->{userid}};
  35             }
  36         }
  37     }
  38
  39     return;
  40 }
  41
  42
  43 1;